ZenMate, DotVPN, Hola … None of these browser plugins are real VPNs. In fact, Chrome extensions cannot function as real VPNs at all. Instead, they are just encrypted proxies, usually SSL or HTTPS proxies. These Chrome extensions are VPNs in name only.
True, they function in a similar manner to VPNs. Traffic is encrypted (we hope) and sent through an intermediary server. This can help get around censorship, unblock websites, and protect your privacy.
But these “clientless” VPNs only encrypt traffic coming from the Chrome browser. A true VPN will encrypt all of the traffic travelling to and from your entire device. Furthermore, so-called VPNs that run solely as Chrome extensions are vulnerable to a number of security issues because they do not use OpenVPN or an IPSec-encrypted protocol (L2TP, IKE, SSTP), both of which require a native client to be installed on the user’s device. Finally, they do not extend your network to access remote machines, a key defining feature of a genuine VPN.
Charlie Hosner, a security expert from the University of Michigan, details the vulnerabilities of clientless SSL VPN extensions in a blog post. Those vulnerabilities include man-in-the-middle attacks, worms, keyloggers, and remote management tools.
Furthermore, most free VPN services, whether they run as browser extensions or native apps, are severely limited. They impose bandwidth throttling, data caps, and waiting queues. Many inject tracking cookies and advertisements into your browser, which in effect can actually take a counterproductive toll on user privacy. The worst of them use a decentralized peer-to-peer structure, which eats up idle bandwidth on users’ machines, exposes them to a litany of threats, and in one infamous case (Hola) leverages everyone connected to the network to perform a massive botnet attacks and mine bitcoin.
So, the next time you Google “free VPN for Chrome,” remember that most of the top results you see are not true VPNs. If you want a real VPN, you’re going to have to configure it in your operating system or install a native application, not a browser extension. With very few exceptions, you’re also going to have to pay for it (note: ZenMate’s premium service is a real VPN, but the free browser extension is not).
Below we’ve listed our top five most recommended VPNs for Chrome users, based on the following criteria:
- App design and features
- Speed and reliability
- Customer service
- Number of servers
ExpressVPN tops our list again thanks to security and performance that even the most privacy-conscious among us can appreciate, combined with an app so easy to use a toddler could use it. Performance is fast and stable. ExpressVPN can unblock pretty much anything. That includes being able to bypass the Great Firewall and watch Netflix in a browser or on the mobile app. ExpressVPN makes apps for Windows, MacOS, iOS, Android, Linux (command-line), and certain wifi routers. ExpressVPN have offered Comparitech’s readers 3 months extra free here with their 12 month plan, there’s a 30 day money-back guarantee so you can try it risk free and quit if you are not happy.
Read our full review of ExpressVPN.
NordVPN checks off all of our criteria plus it adds special servers. They include anti-DDoS, ultra-fast streaming, double VPN, and Tor over VPN. The service is completely logless and touts top-of-the-line encryption standards. It unblocks everything, including Netflix and Hulu, even on mobile apps. The apps let you easily connect either by choosing a location on a map or a server from a list. NordVPN makes apps for Windows, MacOS, Android, and iOS.
Read our full review of NordVPN.
Deal alert: NordVPN is currently running a deal with a 72% discount on their 2 year plan.
IPVanish owns and operates all of its physical servers around the world, and that’s a lot of servers. Heavily encrypted OpenVPN is the standard here, and users can set how often they’d like their IP address to change to preserve anonymity. Customers service responds quickly, and download speeds are fast, too. The slick apps can automatically choose a server for you, or you can browse a list of available servers. They are available on Windows, MacOS, iOS, an Android.
VyprVPN also owns and operates all of its own server infrastructure. It even wrote the code that keeps them all up to date and running smoothly. The VPN recently regained the ability to unblock streaming websites that block most other VPNs, including Netflix and Hulu. 24/7 customer service is always at your disposal. The strongest available encryption standards are used at all times, and you can monitor network usage right in the app. Available for Windows, MacOS, iOS, and Android.
StrongVPN is a veteran censorship bypasser, a favorite among users in China. It was also able to unblock Netflix and Hulu in our tests. Users can choose from SSTP, L2TP, and OpenVPN connections. Prompt customer service will be there to help you round the clock if you run into any issues. The network of servers spans the globe. Apps are available for Windows, MacOS, Android, and iOS.
How to install VPNs on Chromebook
Most VPN providers don’t make apps specifically for Chromebook like they do for Windows and Mac. Instead, VPNs must be manually configured on Chrome. Without the need to consider an app, you should choose a VPN based on speed, number of servers, reliability, and security.
Again, don’t resort to a Chrome extension calling itself a VPN if you value security. Instead, find the server configurations on your VPN provider’s website. You’ll need your username, password, server address, and shared secret.
With all of that information in hand, follow these instructions from Google:
- If you haven’t already, sign in to your Chromebook
- Click the status area, where your account picture appears
- Click Settings
- In the “Internet connection” section, click Add connection.
- Click Add OpenVPN / L2TP
- In the box that appears, fill in the information below
- Click Connect
How to prevent WebRTC leaks
Some apps that run inside Chrome require a feature called WebRTC. Those include extensions for torrenting, voice calls, and video chats. WebRTC was built into Chrome and other browsers so that separate plugins wouldn’t have to be installed.
A key way that VPNs protect users’ privacy is by masking their true IP addresses. Unfortunately, WebRTC can expose a device’s original IP address even when the VPN is enabled in what’s known as a WebRTC leak.
To prevent a WebRTC leak in Chrome, you’ll (somewhat ironically) require an extension. A handful are available, but this one is the official release from Google. Once installed, right-click the extension icon and go to Options. Check the box next to “Use my proxy server (if present):” and exit the pop up window to save your settings.
You should now be protected from WebRTC leaks when using a VPN.